Cleanup

2024-11-22 04:56:03 +03:00 · 2020-12-31 23:09:58 -06:00 · 2020-12-31 23:09:58 -06:00 · b3ad82fd48
commit b3ad82fd48
parent cac5191155
6 changed files with 23 additions and 31 deletions
--- a/extras/vpnupgrade.sh
+++ b/extras/vpnupgrade.sh
@ -26,10 +26,7 @@ exiterr2() { exiterr "'apt-get install' failed."; }
 vpnupgrade() {

 os_type=$(lsb_release -si 2>/dev/null)
-if [ -z "$os_type" ]; then
-  [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID")
-  [ -f /etc/lsb-release ] && os_type=$(. /etc/lsb-release && printf '%s' "$DISTRIB_ID")
-fi
+[ -z "$os_type" ] && [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID")
 case $os_type in
  *[Uu]buntu*)
    os_type=ubuntu
@ -42,7 +39,7 @@ case $os_type in
    ;;
  *)
    echo "Error: This script only supports Ubuntu and Debian." >&2
-    echo "For CentOS/RHEL, use https://git.io/vpnsetup-centos" >&2
+    echo "For CentOS/RHEL, use https://git.io/vpnupgrade-centos" >&2
    exit 1
    ;;
 esac
@ -55,7 +52,7 @@ if [ "$(id -u)" != 0 ]; then
  exiterr "Script must be run as root. Try 'sudo sh $0'"
 fi

-case "$SWAN_VER" in
+case $SWAN_VER in
  3.2[679]|3.3[12]|4.1)
    /bin/true
    ;;
@ -155,7 +152,7 @@ WARNING: Debian 8 (Jessie) has reached its end-of-life on June 30, 2020.
 EOF
 fi

-case "$SWAN_VER" in
+case $SWAN_VER in
  3.2[679]|3.3[12])
 cat <<'EOF'
 WARNING: Older versions of Libreswan could contain known security vulnerabilities.
@ -281,7 +278,7 @@ elif [ "$dns_state" = "2" ]; then
  sed -i "s/^[[:space:]]\+modecfgdns1=.\+/  modecfgdns=$DNS_SRV1/" /etc/ipsec.conf
 fi

-case "$SWAN_VER" in
+case $SWAN_VER in
  3.29|3.3[12]|4.1)
    sed -i "/ikev2=never/d" /etc/ipsec.conf
    sed -i "/conn shared/a \  ikev2=never" /etc/ipsec.conf
--- a/extras/vpnupgrade_amzn.sh
+++ b/extras/vpnupgrade_amzn.sh
@ -36,7 +36,7 @@ if [ "$(id -u)" != 0 ]; then
  exiterr "Script must be run as root. Try 'sudo sh $0'"
 fi

-case "$SWAN_VER" in
+case $SWAN_VER in
  3.2[679]|3.3[12]|4.1)
    /bin/true
    ;;
@ -125,7 +125,7 @@ NOTE: This script will make the following changes to your IPsec config:

 EOF

-case "$SWAN_VER" in
+case $SWAN_VER in
  3.2[679]|3.3[12])
 cat <<'EOF'
 WARNING: Older versions of Libreswan could contain known security vulnerabilities.
@ -238,7 +238,7 @@ elif [ "$dns_state" = "2" ]; then
  sed -i "s/^[[:space:]]\+modecfgdns1=.\+/  modecfgdns=$DNS_SRV1/" /etc/ipsec.conf
 fi

-case "$SWAN_VER" in
+case $SWAN_VER in
  3.29|3.3[12]|4.1)
    sed -i "/ikev2=never/d" /etc/ipsec.conf
    sed -i "/conn shared/a \  ikev2=never" /etc/ipsec.conf
--- a/extras/vpnupgrade_centos.sh
+++ b/extras/vpnupgrade_centos.sh
@ -39,7 +39,7 @@ if [ "$(id -u)" != 0 ]; then
  exiterr "Script must be run as root. Try 'sudo sh $0'"
 fi

-case "$SWAN_VER" in
+case $SWAN_VER in
  3.2[679]|3.3[12]|4.1)
    /bin/true
    ;;
@ -138,7 +138,7 @@ NOTE: This script will make the following changes to your IPsec config:

 EOF

-case "$SWAN_VER" in
+case $SWAN_VER in
  3.2[679]|3.3[12])
 cat <<'EOF'
 WARNING: Older versions of Libreswan could contain known security vulnerabilities.
@ -265,7 +265,7 @@ elif [ "$dns_state" = "2" ]; then
  sed -i "s/^[[:space:]]\+modecfgdns1=.\+/  modecfgdns=$DNS_SRV1/" /etc/ipsec.conf
 fi

-case "$SWAN_VER" in
+case $SWAN_VER in
  3.29|3.3[12]|4.1)
    sed -i "/ikev2=never/d" /etc/ipsec.conf
    sed -i "/conn shared/a \  ikev2=never" /etc/ipsec.conf
--- a/vpnsetup.sh
+++ b/vpnsetup.sh
@ -1,7 +1,6 @@
 #!/bin/sh
 #
-# Script for automatic setup of an IPsec VPN server on Ubuntu and Debian.
-# Works on any dedicated server or virtual private server (VPS) except OpenVZ.
+# Script for automatic setup of an IPsec VPN server on Ubuntu and Debian
 #
 # DO NOT RUN THIS SCRIPT ON YOUR PC OR MAC!
 #
@ -50,10 +49,7 @@ check_ip() {
 vpnsetup() {

 os_type=$(lsb_release -si 2>/dev/null)
-if [ -z "$os_type" ]; then
-  [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID")
-  [ -f /etc/lsb-release ] && os_type=$(. /etc/lsb-release && printf '%s' "$DISTRIB_ID")
-fi
+[ -z "$os_type" ] && [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID")
 case $os_type in
  *[Uu]buntu*)
    os_type=ubuntu
@ -72,8 +68,8 @@ case $os_type in
 esac

 debian_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9')
-if [ "$debian_ver" = "8" ]; then
-  exiterr "Debian 8 is not supported."
+if [ "$debian_ver" = "8" ] || [ "$debian_ver" = "jessiesid" ]; then
+  exiterr "Debian 8 or Ubuntu < 16.04 is not supported."
 fi
 if [ "$debian_ver" = "10" ] && [ ! -e /dev/ppp ]; then
  exiterr "/dev/ppp is missing. Debian 10 users, see: https://git.io/vpndebian10"
@ -92,7 +88,7 @@ def_iface=$(route 2>/dev/null | grep -m 1 '^default' | grep -o '[^ ]*$')
 def_state=$(cat "/sys/class/net/$def_iface/operstate" 2>/dev/null)
 if [ -n "$def_state" ] && [ "$def_state" != "down" ]; then
  if ! uname -m | grep -qi -e '^arm' -e '^aarch64'; then
-    case "$def_iface" in
+    case $def_iface in
      wl*)
        exiterr "Wireless interface '$def_iface' detected. DO NOT run this script on your PC or Mac!"
        ;;
@ -542,7 +538,7 @@ EOF

 if [ "$SWAN_VER" != "$swan_ver_latest" ]; then
 cat <<EOF
-Note: A newer version of Libreswan ($swan_ver_latest) is available. To upgrade:
+Note: A newer Libreswan version $swan_ver_latest is available. To upgrade:
  wget https://git.io/vpnupgrade -O vpnupgrade.sh
  sudo sh vpnupgrade.sh

--- a/vpnsetup_amzn.sh
+++ b/vpnsetup_amzn.sh
@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Script for automatic setup of an IPsec VPN server on Amazon Linux 2.
+# Script for automatic setup of an IPsec VPN server on Amazon Linux 2
 #
 # DO NOT RUN THIS SCRIPT ON YOUR PC OR MAC!
 #
@ -62,7 +62,7 @@ def_iface=$(route 2>/dev/null | grep -m 1 '^default' | grep -o '[^ ]*$')
 [ -z "$def_iface" ] && def_iface=$(ip -4 route list 0/0 2>/dev/null | grep -m 1 -Po '(?<=dev )(\S+)')
 def_state=$(cat "/sys/class/net/$def_iface/operstate" 2>/dev/null)
 if [ -n "$def_state" ] && [ "$def_state" != "down" ]; then
-  case "$def_iface" in
+  case $def_iface in
    wl*)
      exiterr "Wireless interface '$def_iface' detected. DO NOT run this script on your PC or Mac!"
      ;;
@ -456,7 +456,7 @@ EOF

 if [ "$SWAN_VER" != "$swan_ver_latest" ]; then
 cat <<EOF
-Note: A newer version of Libreswan ($swan_ver_latest) is available. To upgrade:
+Note: A newer Libreswan version $swan_ver_latest is available. To upgrade:
  wget https://git.io/vpnupgrade-amzn -O vpnupgrade.sh
  sudo sh vpnupgrade.sh

--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@ -1,7 +1,6 @@
 #!/bin/sh
 #
-# Script for automatic setup of an IPsec VPN server on CentOS/RHEL 7 and 8.
-# Works on any dedicated server or virtual private server (VPS) except OpenVZ.
+# Script for automatic setup of an IPsec VPN server on CentOS/RHEL 7 and 8
 #
 # DO NOT RUN THIS SCRIPT ON YOUR PC OR MAC!
 #
@ -67,7 +66,7 @@ def_iface=$(route 2>/dev/null | grep -m 1 '^default' | grep -o '[^ ]*$')
 [ -z "$def_iface" ] && def_iface=$(ip -4 route list 0/0 2>/dev/null | grep -m 1 -Po '(?<=dev )(\S+)')
 def_state=$(cat "/sys/class/net/$def_iface/operstate" 2>/dev/null)
 if [ -n "$def_state" ] && [ "$def_state" != "down" ]; then
-  case "$def_iface" in
+  case $def_iface in
    wl*)
      exiterr "Wireless interface '$def_iface' detected. DO NOT run this script on your PC or Mac!"
      ;;
@ -523,7 +522,7 @@ EOF

 if [ "$SWAN_VER" != "$swan_ver_latest" ]; then
 cat <<EOF
-Note: A newer version of Libreswan ($swan_ver_latest) is available. To upgrade:
+Note: A newer Libreswan version $swan_ver_latest is available. To upgrade:
  wget https://git.io/vpnupgrade-centos -O vpnupgrade.sh
  sudo sh vpnupgrade.sh